package com.airoc.demo.rest;

import java.util.ArrayList;
import java.util.List;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RestController;

import com.airoc.demo.dao.DemoMapper;
import com.airoc.demo.dto.GenericResultDTO;
import com.airoc.demo.dto.OperDTO;
import com.airoc.demo.param.ChangePasswordParam;
import com.airoc.demo.param.CreateUserParam;
import com.airoc.demo.param.LoginParam;
import com.airoc.demo.service.UserService;

import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiParam;

@RestController
@RequestMapping(value = "/api/users")
@Api(value = "/api/users", description = "操作员相关服务")
public class UserRest {

	@Autowired
	UserService userService;
	


	@RequestMapping(value = "/login", method = RequestMethod.POST)
	@ApiOperation(value = "操作员登录", notes = "判断用户名/密码正确性，创建session，并记录操作日志")
	public GenericResultDTO login(HttpServletRequest request, @RequestBody LoginParam loginParam) {
		boolean result = userService.login(loginParam);
		if(result) {
			request.getSession().setAttribute("user", loginParam);
			return new GenericResultDTO(true, "登录成功");
		}
		return new GenericResultDTO(false, "登录失败");
	}

	@RequestMapping(value = "/logout", method = RequestMethod.POST)
	@ApiOperation(value = "操作员登出", notes = "删除session，记录操作日志")
	public GenericResultDTO logout(HttpSession session) {
		
		Object result = session.getAttribute("user");
		if(result == null) {
			return new GenericResultDTO(false, "没有登陆，不需要退出");
		}
		session.removeAttribute("user");
		return new GenericResultDTO(true, "登出成功");
	}

	@RequestMapping(value = "/create", method = RequestMethod.POST)
	@ApiOperation(value = "创建操作员", notes = "创建操作员，记录操作日志，使用本接口前需先登录")
	public GenericResultDTO createUser(HttpSession session, @RequestBody CreateUserParam createUserParam) {
		Object result = session.getAttribute("user");
		if(result == null) {
			return new GenericResultDTO(false, "没有登陆，不能创建操作员");
		}
		LoginParam param = (LoginParam) result;
		/*
		 * if(!"admin".equals(userName)) { return new GenericResultDTO(false,
		 * "没有登陆，不能创建操作员"); }
		 */
		userService.createUser(param.getUserName(), createUserParam);
		return new GenericResultDTO(true, "操作员" + createUserParam.getUserName() + "创建成功");
	}

	@RequestMapping(value = "/chgpass", method = RequestMethod.POST)
	@ApiOperation(value = "修改登录密码", notes = "修改用户的登陆密码，记录操作日志，admin可以修改所有操作员密码，其他操作员只能修改自己的密码，使用本接口前需先登录")
	public GenericResultDTO changePassword(HttpSession session, @RequestBody ChangePasswordParam changePasswordParam) {
		Object result = session.getAttribute("user");
		if(result == null) {
			return new GenericResultDTO(false, "没有登陆，不能修改密码");
		}
		LoginParam param = (LoginParam) result;
		if(!param.getUserName().equals(changePasswordParam.getUserName())	
				&& !"admin".equals(param.getUserName())) {
			return new GenericResultDTO(false, "账户名不一致，不能修改密码");
		}
		userService.changePassword(param.getUserName(), changePasswordParam);
		return new GenericResultDTO(true, "操作员修改密码成功");
	}

	@RequestMapping(value = "/opers/{userName}", method = RequestMethod.GET)
	@ApiOperation(value = "获取操作员操作日志", notes = "查询操作员的操作日志，admin可以查询所有操作员的操作日志，其他操作员只能查询自己的操作日志，同时记录操作日志，使用本接口前需先登录")
	public List<OperDTO> listOpers(HttpSession session, @PathVariable(name = "userName") @ApiParam(value = "操作员名称") String userName) {
		Object result = session.getAttribute("user");
		if(result == null) {
			return new ArrayList<>();
		}
		LoginParam param = (LoginParam) result;
		if(!param.getUserName().equals(userName)	
				&& !"admin".equals(param.getUserName())) {
			return new ArrayList<>();
		}
		List<OperDTO> list = userService.getOpers(param.getUserName(), userName);
		return list;
	}

}
